HN Monitor

Check Point Research has issued a critical alert regarding the active exploitation of a significant vulnerability affecting Remote Access VPN and Mobile Access deployments. The flaw, identified as CVE-2026-50751, carries a high CVSS score of 9.3 and pertains to an authentication bypass within insecurely configured IKEv1 key exchange protocols. This…

A significant new threat has emerged in the software development landscape, dubbed “Mythos,” which is far more advanced than typical software vulnerabilities. Industry experts, including Dan Lorenc, CEO of Chainguard, assert that Mythos, despite initial skepticism as a mere marketing tactic, represents a fundamental shift in cyber threats. These are…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting SolarWinds Serv-U software to its Known Exploited Vulnerabilities (KEV) catalog. This action, taken on June 6, 2026, signifies that the flaw is actively being exploited by malicious actors, prompting urgent attention from organizations reliant on…

The cybersecurity landscape is experiencing an unprecedented surge in vulnerability discovery, largely propelled by advancements in artificial intelligence. This week saw two significant developments highlighting this trend: a security startup revealed 21 previously unknown vulnerabilities in FFmpeg, a critical media library, all identified by an autonomous AI agent, while Google…

Cisco has issued a critical alert regarding a high-severity security vulnerability, CVE-2026-20182, within its Catalyst SD-WAN Manager software. This flaw has been observed to be under active exploitation, posing a significant risk to organizations relying on Cisco’s software-defined networking solutions. The vulnerability, which affects multiple deployment models including on-premises and…

A critical security vulnerability in the Everest Forms Pro WordPress plugin, affecting approximately 4,000 active installations, is being actively exploited by threat actors to execute arbitrary code, leading to full website compromise. This remote code execution (RCE) flaw, identified as CVE-2026-3300, carries a severe CVSS score of 9.8 and impacts…

The Evasive Panda advanced persistent threat (APT) group, also known by aliases such as Bronze Highland, Daggerfly, and StormBamboo, has been actively conducting targeted cyberattacks since November 2022. Their latest campaign, which continued until November 2024, leverages sophisticated adversary-in-the-middle (AitM) attacks combined with DNS poisoning to deploy the stealthy MgBot…

In 2025, a concerning trend emerged in the cybersecurity landscape: small and medium-sized businesses (SMBs) became increasingly attractive targets for cybercriminals. This shift, detailed in the latest reports from the Data Breach Observatory, challenges previous assumptions about business vulnerability. As larger enterprises bolster their defenses, attackers are redirecting their efforts…

A concerning new malware campaign is actively distributing the WebRAT malware by disguising it as legitimate proof-of-concept exploits and gaming utilities on GitHub repositories. This multifaceted threat targets individuals searching for game cheats, pirated software, and application patches for popular games like Rust, Counter-Strike, and Roblox, posing a significant risk…

HardBit 4.0 ransomware is posing an escalating threat to organizations globally, featuring advanced evasion techniques and a novel deployment strategy. This latest version, an upgrade from a strain active since 2022, has enhanced its ability to circumvent security measures and maintain persistent access within infected systems. Unlike many other ransomware…

A sophisticated new variant of the MacSync Stealer malware is posing a significant threat to macOS users by leveraging digitally signed and notarized applications, a departure from previous, more easily detectable delivery methods. This evolution allows the malware to bypass initial macOS security measures, making it much stealthier. Security researchers…

Cybersecurity researchers have identified a sophisticated phishing campaign where threat actors are impersonating writers from major Korean television networks to distribute malware. Dubbed “Operation Artemis,” this evolving social engineering tactic leverages the credibility of media professionals to trick victims into downloading malicious documents, posing a significant threat to individuals and…

Cybercriminals are exploiting the critical Income Tax Return (ITR) filing season to launch sophisticated phishing attacks against Indian businesses. These campaigns, often amplified by public anxiety surrounding tax deadlines and potential refunds, employ high-fidelity lures designed to mimic official government communications and deliver persistent malware capable of full system compromise.…

An international law enforcement operation coordinated by INTERPOL has successfully recovered $3 million and led to the arrest of 574 individuals across 19 African nations, marking a significant stride in the ongoing crackdown on sophisticated cybercrime networks operating on the continent. The operation, dubbed Operation Sentinel, targeted prevalent threats such…

Researchers at Ontinue’s Cyber Defense Center have uncovered a disturbing trend: threat actors are weaponizing the legitimate open-source server monitoring tool, Nezha, to gain unauthorized post-exploitation access to compromised systems. This sophisticated tactic allows malicious actors to maintain persistent control over networks while circumventing many standard cybersecurity detection measures. Nezha,…

Two deceptive Google Chrome extensions, masquerading as legitimate VPN services under the name “Phantom Shuttle,” have been identified as actively intercepting user web traffic and stealing sensitive login credentials. These malicious extensions, circulating since at least 2017, have managed to infiltrate the Chrome Web Store, with over 2,180 users reportedly…

A severe security vulnerability, identified as CVE-2025-68613, has been discovered in the popular n8n workflow automation platform. This critical flaw could enable authenticated users to execute arbitrary code on affected systems, posing a significant risk to sensitive data and system integrity. The vulnerability carries a near-perfect CVSS score of 9.9…